This is a project created to showcase a simple python api running on AWS using ECS. The app implement api calls to upsert and get users on a MongoDB database. This is by no means intended for production usage.
The project is publicly available on https://github.com/gabrgomes/simple-user-api
flowchart TB;
web((Internet)) -->|80| lb{Applicaton LB}
subgraph "cluster-app (ECS)"
App1 & App2 & App3
end
subgraph "DNS (Route 53)"
sd(mongo.app_zone)
end
subgraph "cluster-db (ECS)"
subgraph service
db[(MongoDB)]
end
end
lb -->|8000| App1 & App2 & App3
App1 & App2 & App3 -.->|mongo.app_zone:27017| sd
sd -.- service-discovery -.- service
Requirements:
- docker >= 20.10.18
# Building the app
docker compose build
# run containers on background
docker compose up -d
# Api doc will be available on http://localhost:8000/docs
# stop the containers
docker compose downRequirements:
- aws credentials configured (ref)
- terraform >= 1.3.2
# enter terraform directory
cd terraform
# install the requirements
terraform init
# see the modifications
terraform plan
# provision application resources
terraform apply
# Api doc url will be shown on the output var app_url.
# remove application resources
terraform destroy| var | default | description |
|---|---|---|
| region_name | us-east-1 | AWS region name |
| app_name | simple-user-api | Name of the application to be used to create resources. |
| app_image | public.ecr.aws/f9q5q0t9/simple-user-api:latest | Application image url |
| app_container_port | 8000 | Application port |
| db_container_port | 27017 | MongoDB port |
| max_capacity | 3 | Maximum number of application tasks |
| min_capacity | 1 | Minimum number of application tasks |
| cpu_threshold | 80 | Cpu % threshold for autoscaling |
| mem_threshold | 80 | Memory % threshold for autoscaling |
For simplicity this project has some questionable choices that should be mentioned:
- The terraform module provision all resources on the default VPC.
- The database is implemented as simple MongoDB instance with no authentication and no persistence.
- The task definition is pointing to a image on a public repository that will eventualy stop working at any time. In this case you will need to build and publish the image to your own registry.
- The containers in ECS are configured with public IP adresses to allow image pull from public repositories. Ideally you could use private repos on ECR with the necessary security group configurations or use NAT for outgoing connections to the internet.
The terraform code creates a simple dashboard on Cloud Watch with cpu and memory usage for the services.
- App
- Dockerfile
- Docker compose
- Deploy AWS
- HA
- Monitoring
- Autoscaling
- Create VPC and subnets
- Use Internet gateway
- Create pipeline to build image, push to ecr and update task definition
- Enable tracing with AWS Distro for OpenTelemetry